Watchman – Your Malware Alert Bot with Notion, Slack, And BetterUptime Integration

The vigilant configuration change alerting and incident escalation bot designed to safeguard your digital world.

In this article, we’ll explore how Watchman seamlessly integrates with popular tools like Notion, Slack, and BetterUptime to provide real-time protection against malware threats.

Discover how to set up Watchman and bolster your cybersecurity defenses with ease.

watchman is a configuration change alerting and incident escalation bot for Kandji malware threats that integrates with Notion, Slack and BetterUptime.

watchman knows all, watchman sees all.

Get Started

watchman is built and deployed using SST.

Quick Start

Ensure you have a valid AWS account configured. If not, run:

aws configure

Then you can initialize SST and deploy a stack. This will take a while:

pnpm i
pnpm dev

You will need to initialize some secrets. Get these values from BetterUptime, Notion, Kandji, and Slack:

pnpm sst secrets set BETTERUPTIME_API_KEY "<REPLACE_KEY_HERE>" # "--stage prod" if you're setting for prod
pnpm sst secrets set KANDJI_API_KEY "<REPLACE_KEY_HERE>" # "--stage prod" if you're setting for prod
pnpm sst secrets set SLACK_WEBHOOK "<REPLACE_WEBHOOK_HERE>" # "--stage prod" if you're setting for prod
pnpm sst secrets set NOTION_API_KEY "<REPLACE_KEY_HERE>" # "--stage prod" if you're setting for prod
pnpm sst secrets set NOTION_DATABASE_ID "<REPLACE_ID_HERE>" # "--stage prod" if you're setting for prod

After you’re done, remember to clean up:

pnpm run remove

GitLab Watchman : Monitoring GitLab For Sensitive Data Shared Publicly

February 22, 2021

In "Kali Linux"

Pyre : Performant Type-Checking For Python

September 3, 2020

In "Kali Linux"

SpyAI : Intelligent Malware With Advanced Capabilities

March 28, 2025

In "Cyber security"

Varshini

Varshini is a Cyber Security expert in Threat Analysis, Vulnerability Assessment, and Research. Passionate about staying ahead of emerging Threats and Technologies.